API calls below allow for cryptographically strong hashing of password and other secrets. For instance, if there is a need
to securely save a user’s password to the database and later verify it - this is the API to use.

Note that Zato has an entire Single-Sign On and user management API that automates user authentication,
without programming needed, and the functionality below is meant to be used in situations when SSO and user API should be
extended with custom features. Otherwise, the SSO and user API is the most convenient one to use.

# -*- coding: utf-8 -*-from__future__importabsolute_import,division,print_function,unicode_literals# Zatofromzato.server.serviceimportServiceclassMyService(Service):defhandle(self):# Suppose there is a password to hashdata='C61mBoPzpa2sA'# Log data to be manipulatedself.logger.info('Data `%s`',data)# Hash it - the result can be saved to# some kind of storage in order to verify it later onhashed=self.crypto.hash_secret(data)# Log the resulting formself.logger.info('Hashed `%s`',hashed)

# -*- coding: utf-8 -*-from__future__importabsolute_import,division,print_function,unicode_literals# Zatofromzato.server.serviceimportServiceclassMyService(Service):defhandle(self):# This function should load the hashed from, e.g. from a databasehashed=load_hashed()# This is the data to be checked against the hashed value,# e.g. a user's passworddata=load_data()# Returns a boolean flag to indicate if verification succeeededis_valid=self.crypto.verify_hash(data,hashed)